package eu.emi.security.authn.x509.helpers.proxy;

import eu.emi.security.authn.x509.helpers.CertificateHelpers;
import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralSubtree;

/* loaded from: input_file:eu/emi/security/authn/x509/helpers/proxy/ProxyAddressRestrictionData.class */
public class ProxyAddressRestrictionData extends ASN1Encodable {
    public static final String SOURCE_RESTRICTION_OID = "1.2.840.113612.5.5.1.1.2.1";
    public static final String TARGET_RESTRICTION_OID = "1.2.840.113612.5.5.1.1.2.2";
    private List<GeneralSubtree> permittedGeneralSubtrees = new ArrayList();
    private List<GeneralSubtree> excludedGeneralSubtrees = new ArrayList();

    public ProxyAddressRestrictionData(byte[] bArr) throws IOException {
        ASN1Sequence fromByteArray = ASN1Object.fromByteArray(bArr);
        switch (fromByteArray.size()) {
            case 0:
                return;
            case ProxyTracingExtension.ISSUER_EXTENSION /* 1 */:
                DERTaggedObject objectAt = fromByteArray.getObjectAt(0);
                if (objectAt.getTagNo() == 0) {
                    copyCondSequenceToVector(objectAt.getObject(), this.permittedGeneralSubtrees);
                    return;
                } else {
                    if (objectAt.getTagNo() != 1) {
                        throw new IllegalArgumentException("Illegal tag number in the proxy restriction NameConstraints data structure: " + objectAt.getTagNo() + ", should have been 0 or 1");
                    }
                    copyCondSequenceToVector(objectAt.getObject(), this.excludedGeneralSubtrees);
                    return;
                }
            case ProxyTracingExtension.SUBJECT_EXTENSION /* 2 */:
                DERTaggedObject objectAt2 = fromByteArray.getObjectAt(0);
                if (objectAt2.getTagNo() != 0) {
                    throw new IllegalArgumentException("Illegal tag number in the proxy restriction NameConstraints data structure at the first position: " + objectAt2.getTagNo() + ", should have been 0");
                }
                copyCondSequenceToVector(objectAt2.getObject(), this.permittedGeneralSubtrees);
                DERTaggedObject objectAt3 = fromByteArray.getObjectAt(1);
                if (objectAt3.getTagNo() != 1) {
                    throw new IllegalArgumentException("Illegal tag number in the proxy restriction NameConstraints data structure at the second position: " + objectAt3.getTagNo() + ", should have been 1");
                }
                copyCondSequenceToVector(objectAt3.getObject(), this.excludedGeneralSubtrees);
                return;
            default:
                throw new IllegalArgumentException("Illegal number of items in the proxy restriction NameConstraints data structure: " + fromByteArray.size() + ", should have been 0 to 2");
        }
    }

    public static ProxyAddressRestrictionData getInstance(X509Certificate x509Certificate, boolean z) throws IOException {
        byte[] extensionBytes = CertificateHelpers.getExtensionBytes(x509Certificate, z ? SOURCE_RESTRICTION_OID : TARGET_RESTRICTION_OID);
        if (extensionBytes == null) {
            return null;
        }
        return new ProxyAddressRestrictionData(extensionBytes);
    }

    public ProxyAddressRestrictionData() {
    }

    private static void copyCondSequenceToVector(DERSequence dERSequence, List<GeneralSubtree> list) {
        Enumeration objects = dERSequence.getObjects();
        while (objects.hasMoreElements()) {
            list.add(new GeneralSubtree((DERObject) objects.nextElement()));
        }
    }

    public void addPermittedIPAddressWithNetmask(String str) {
        this.permittedGeneralSubtrees.add(new GeneralSubtree(new GeneralName(7, str), (BigInteger) null, (BigInteger) null));
    }

    public void addExcludedIPAddressWithNetmask(String str) {
        this.excludedGeneralSubtrees.add(new GeneralSubtree(new GeneralName(7, str), (BigInteger) null, (BigInteger) null));
    }

    /* renamed from: toASN1Object, reason: merged with bridge method [inline-methods] */
    public DERSequence m20toASN1Object() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        addTaggedSequenceOfSubtrees(0, this.permittedGeneralSubtrees, aSN1EncodableVector);
        addTaggedSequenceOfSubtrees(1, this.excludedGeneralSubtrees, aSN1EncodableVector);
        return new DERSequence(aSN1EncodableVector);
    }

    private static void addTaggedSequenceOfSubtrees(int i, List<GeneralSubtree> list, ASN1EncodableVector aSN1EncodableVector) {
        if (list.isEmpty()) {
            return;
        }
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        Iterator<GeneralSubtree> it = list.iterator();
        while (it.hasNext()) {
            aSN1EncodableVector2.add(it.next());
        }
        aSN1EncodableVector.add(new DERTaggedObject(i, new DERSequence(aSN1EncodableVector2)));
    }

    /* JADX WARN: Type inference failed for: r0v7, types: [byte[][], byte[][][]] */
    public byte[][][] getIPSpaces() {
        return new byte[][]{subtreesIntoArray(this.permittedGeneralSubtrees), subtreesIntoArray(this.excludedGeneralSubtrees)};
    }

    public String[] getPermittedAddresses() {
        return convert2strings(getIPSpaces()[0]);
    }

    public String[] getExcludedAddresses() {
        return convert2strings(getIPSpaces()[1]);
    }

    private static byte[][] subtreesIntoArray(List<GeneralSubtree> list) {
        if (list == null) {
            return (byte[][]) null;
        }
        ArrayList arrayList = new ArrayList();
        Iterator<GeneralSubtree> it = list.iterator();
        while (it.hasNext()) {
            GeneralName base = it.next().getBase();
            if (base.getTagNo() == 7) {
                arrayList.add(base.getName().getOctets());
            }
        }
        return (byte[][]) arrayList.toArray((Object[]) new byte[arrayList.size()]);
    }

    public static String convert2sr(byte[] bArr) {
        int length = bArr.length / 2;
        StringBuilder sb = new StringBuilder(40);
        boolean z = bArr.length == 32;
        for (int i = 0; i < length; i++) {
            sb.append(z ? Integer.toHexString(bArr[i] & 255) : Integer.valueOf(bArr[i] & 255));
            if (i < length - 1) {
                sb.append(z ? ":" : ".");
            }
        }
        sb.append("/");
        int i2 = 0;
        for (int i3 = length; i3 < bArr.length; i3++) {
            i2 += Integer.bitCount(bArr[i3] & 255);
        }
        sb.append(i2);
        return sb.toString();
    }

    public static String[] convert2strings(byte[][] bArr) {
        String[] strArr = new String[bArr.length];
        for (int i = 0; i < bArr.length; i++) {
            strArr[i] = convert2sr(bArr[i]);
        }
        return strArr;
    }
}
